search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Staging: Add pristine upstream vt6656 driver sources to drivers/staging/vt6656.
[firewire-audio.git] / drivers / staging / vt6656 / dpc.c
blob702304b356a9cff0592b199574239cf82a69d8a5
1 /*
2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
3 * All rights reserved.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * File: dpc.c
20 *
21 * Purpose: handle dpc rx functions
22 *
23 * Author: Lyndon Chen
24 *
25 * Date: May 20, 2003
26 *
27 * Functions:
28 * device_receive_frame - Rcv 802.11 frame function
29 * s_bAPModeRxCtl- AP Rcv frame filer Ctl.
30 * s_bAPModeRxData- AP Rcv data frame handle
31 * s_bHandleRxEncryption- Rcv decrypted data via on-fly
32 * s_bHostWepRxEncryption- Rcv encrypted data via host
33 * s_byGetRateIdx- get rate index
34 * s_vGetDASA- get data offset
35 * s_vProcessRxMACHeader- Rcv 802.11 and translate to 802.3
36 *
37 * Revision History:
38 *
39 */
40
41
42 #if !defined(__DEVICE_H__)
43 #include "device.h"
44 #endif
45 #if !defined(__RXTX_H__)
46 #include "rxtx.h"
47 #endif
48 #if !defined(__TETHER_H__)
49 #include "tether.h"
50 #endif
51 #if !defined(__CARD_H__)
52 #include "card.h"
53 #endif
54 #if !defined(__BSSDB_H__)
55 #include "bssdb.h"
56 #endif
57 #if !defined(__MAC_H__)
58 #include "mac.h"
59 #endif
60 #if !defined(__BASEBAND_H__)
61 #include "baseband.h"
62 #endif
63 #if !defined(__UMEM_H__)
64 #include "umem.h"
65 #endif
66 #if !defined(__MICHAEL_H__)
67 #include "michael.h"
68 #endif
69 #if !defined(__TKIP_H__)
70 #include "tkip.h"
71 #endif
72 #if !defined(__TCRC_H__)
73 #include "tcrc.h"
74 #endif
75 #if !defined(__WCTL_H__)
76 #include "wctl.h"
77 #endif
78 #if !defined(__TBIT_H__)
79 #include "tbit.h"
80 #endif
81 #if !defined(__HOSTAP_H__)
82 #include "hostap.h"
83 #endif
84 #if !defined(__RF_H__)
85 #include "rf.h"
86 #endif
87 #if !defined(__IOWPA_H__)
88 #include "iowpa.h"
89 #endif
90 #if !defined(__AES_H__)
91 #include "aes_ccmp.h"
92 #endif
93 #if !defined(__DATARATE_H__)
94 #include "datarate.h"
95 #endif
96 #if !defined(__USBPIPE_H__)
97 #include "usbpipe.h"
98 #endif
99
100
101 /*--------------------- Static Definitions -------------------------*/
102
103 /*--------------------- Static Classes ----------------------------*/
104
105 /*--------------------- Static Variables --------------------------*/
106 //static int msglevel =MSG_LEVEL_DEBUG;
107 static int msglevel =MSG_LEVEL_INFO;
108
109 const BYTE acbyRxRate[MAX_RATE] =
110 {2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108};
111
112
113 /*--------------------- Static Functions --------------------------*/
114
115 /*--------------------- Static Definitions -------------------------*/
116
117 /*--------------------- Static Functions --------------------------*/
118
119 static BYTE s_byGetRateIdx(IN BYTE byRate);
120
121
122 static
123 VOID
124 s_vGetDASA(
125 IN PBYTE pbyRxBufferAddr,
126 OUT PUINT pcbHeaderSize,
127 OUT PSEthernetHeader psEthHeader
128 );
129
130 static
131 VOID
132 s_vProcessRxMACHeader (
133 IN PSDevice pDevice,
134 IN PBYTE pbyRxBufferAddr,
135 IN UINT cbPacketSize,
136 IN BOOL bIsWEP,
137 IN BOOL bExtIV,
138 OUT PUINT pcbHeadSize
139 );
140
141 static BOOL s_bAPModeRxCtl(
142 IN PSDevice pDevice,
143 IN PBYTE pbyFrame,
144 IN INT iSANodeIndex
145 );
146
147
148
149 static BOOL s_bAPModeRxData (
150 IN PSDevice pDevice,
151 IN struct sk_buff* skb,
152 IN UINT FrameSize,
153 IN UINT cbHeaderOffset,
154 IN INT iSANodeIndex,
155 IN INT iDANodeIndex
156 );
157
158
159 static BOOL s_bHandleRxEncryption(
160 IN PSDevice pDevice,
161 IN PBYTE pbyFrame,
162 IN UINT FrameSize,
163 IN PBYTE pbyRsr,
164 OUT PBYTE pbyNewRsr,
165 OUT PSKeyItem *pKeyOut,
166 OUT PBOOL pbExtIV,
167 OUT PWORD pwRxTSC15_0,
168 OUT PDWORD pdwRxTSC47_16
169 );
170
171 static BOOL s_bHostWepRxEncryption(
172
173 IN PSDevice pDevice,
174 IN PBYTE pbyFrame,
175 IN UINT FrameSize,
176 IN PBYTE pbyRsr,
177 IN BOOL bOnFly,
178 IN PSKeyItem pKey,
179 OUT PBYTE pbyNewRsr,
180 OUT PBOOL pbExtIV,
181 OUT PWORD pwRxTSC15_0,
182 OUT PDWORD pdwRxTSC47_16
183
184 );
185
186 /*--------------------- Export Variables --------------------------*/
187
188 /*+
189 *
190 * Description:
191 * Translate Rcv 802.11 header to 802.3 header with Rx buffer
192 *
193 * Parameters:
194 * In:
195 * pDevice
196 * dwRxBufferAddr - Address of Rcv Buffer
197 * cbPacketSize - Rcv Packet size
198 * bIsWEP - If Rcv with WEP
199 * Out:
200 * pcbHeaderSize - 802.11 header size
201 *
202 * Return Value: None
203 *
204 -*/
205 static
206 VOID
207 s_vProcessRxMACHeader (
208 IN PSDevice pDevice,
209 IN PBYTE pbyRxBufferAddr,
210 IN UINT cbPacketSize,
211 IN BOOL bIsWEP,
212 IN BOOL bExtIV,
213 OUT PUINT pcbHeadSize
214 )
215 {
216 PBYTE pbyRxBuffer;
217 UINT cbHeaderSize = 0;
218 PWORD pwType;
219 PS802_11Header pMACHeader;
220 int ii;
221
222
223 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
224
225 s_vGetDASA((PBYTE)pMACHeader, &cbHeaderSize, &pDevice->sRxEthHeader);
226
227 if (bIsWEP) {
228 if (bExtIV) {
229 // strip IV&ExtIV , add 8 byte
230 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 8);
231 } else {
232 // strip IV , add 4 byte
233 cbHeaderSize += (WLAN_HDR_ADDR3_LEN + 4);
234 }
235 }
236 else {
237 cbHeaderSize += WLAN_HDR_ADDR3_LEN;
238 };
239
240 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
241 if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_Bridgetunnel[0])) {
242 cbHeaderSize += 6;
243 }
244 else if (IS_ETH_ADDRESS_EQUAL(pbyRxBuffer, &pDevice->abySNAP_RFC1042[0])) {
245 cbHeaderSize += 6;
246 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
247 if ((*pwType!= TYPE_PKT_IPX) && (*pwType != cpu_to_le16(0xF380))) {
248 }
249 else {
250 cbHeaderSize -= 8;
251 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
252 if (bIsWEP) {
253 if (bExtIV) {
254 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
255 } else {
256 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
257 }
258 }
259 else {
260 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
261 }
262 }
263 }
264 else {
265 cbHeaderSize -= 2;
266 pwType = (PWORD) (pbyRxBufferAddr + cbHeaderSize);
267 if (bIsWEP) {
268 if (bExtIV) {
269 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 8); // 8 is IV&ExtIV
270 } else {
271 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN - 4); // 4 is IV
272 }
273 }
274 else {
275 *pwType = htons(cbPacketSize - WLAN_HDR_ADDR3_LEN);
276 }
277 }
278
279 cbHeaderSize -= (U_ETHER_ADDR_LEN * 2);
280 pbyRxBuffer = (PBYTE) (pbyRxBufferAddr + cbHeaderSize);
281 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++)
282 *pbyRxBuffer++ = pDevice->sRxEthHeader.abyDstAddr[ii];
283 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++)
284 *pbyRxBuffer++ = pDevice->sRxEthHeader.abySrcAddr[ii];
285
286 *pcbHeadSize = cbHeaderSize;
287 }
288
289
290
291
292 static BYTE s_byGetRateIdx (IN BYTE byRate)
293 {
294 BYTE byRateIdx;
295
296 for (byRateIdx = 0; byRateIdx <MAX_RATE ; byRateIdx++) {
297 if (acbyRxRate[byRateIdx%MAX_RATE] == byRate)
298 return byRateIdx;
299 }
300 return 0;
301 }
302
303
304 static
305 VOID
306 s_vGetDASA (
307 IN PBYTE pbyRxBufferAddr,
308 OUT PUINT pcbHeaderSize,
309 OUT PSEthernetHeader psEthHeader
310 )
311 {
312 UINT cbHeaderSize = 0;
313 PS802_11Header pMACHeader;
314 int ii;
315
316 pMACHeader = (PS802_11Header) (pbyRxBufferAddr + cbHeaderSize);
317
318 if ((pMACHeader->wFrameCtl & FC_TODS) == 0) {
319 if (pMACHeader->wFrameCtl & FC_FROMDS) {
320 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
321 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
322 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr3[ii];
323 }
324 }
325 else {
326 // IBSS mode
327 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
328 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr1[ii];
329 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
330 }
331 }
332 }
333 else {
334 // Is AP mode..
335 if (pMACHeader->wFrameCtl & FC_FROMDS) {
336 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
337 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
338 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr4[ii];
339 cbHeaderSize += 6;
340 }
341 }
342 else {
343 for(ii=0;ii<U_ETHER_ADDR_LEN;ii++) {
344 psEthHeader->abyDstAddr[ii] = pMACHeader->abyAddr3[ii];
345 psEthHeader->abySrcAddr[ii] = pMACHeader->abyAddr2[ii];
346 }
347 }
348 };
349 *pcbHeaderSize = cbHeaderSize;
350 }
351
352
353
354
355 BOOL
356 RXbBulkInProcessData (
357 IN PSDevice pDevice,
358 IN PRCB pRCB,
359 IN ULONG BytesToIndicate
360 )
361 {
362
363 struct net_device_stats* pStats=&pDevice->stats;
364 struct sk_buff* skb;
365 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
366 PSRxMgmtPacket pRxPacket = &(pMgmt->sRxPacket);
367 PS802_11Header p802_11Header;
368 PBYTE pbyRsr;
369 PBYTE pbyNewRsr;
370 PBYTE pbyRSSI;
371 PQWORD pqwTSFTime;
372 PBYTE pbyFrame;
373 BOOL bDeFragRx = FALSE;
374 UINT cbHeaderOffset;
375 UINT FrameSize;
376 WORD wEtherType = 0;
377 INT iSANodeIndex = -1;
378 INT iDANodeIndex = -1;
379 UINT ii;
380 UINT cbIVOffset;
381 PBYTE pbyRxSts;
382 PBYTE pbyRxRate;
383 PBYTE pbySQ;
384 #ifdef Calcu_LinkQual
385 PBYTE pby3SQ;
386 #endif
387 UINT cbHeaderSize;
388 PSKeyItem pKey = NULL;
389 WORD wRxTSC15_0 = 0;
390 DWORD dwRxTSC47_16 = 0;
391 SKeyItem STempKey;
392 // 802.11h RPI
393 //LONG ldBm = 0;
394 BOOL bIsWEP = FALSE;
395 BOOL bExtIV = FALSE;
396 DWORD dwWbkStatus;
397 PRCB pRCBIndicate = pRCB;
398 PBYTE pbyDAddress;
399 PWORD pwPLCP_Length;
400 BYTE abyVaildRate[MAX_RATE] = {2,4,11,22,12,18,24,36,48,72,96,108};
401 WORD wPLCPwithPadding;
402 PS802_11Header pMACHeader;
403 BOOL bRxeapol_key = FALSE;
404
405
406
407 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- RXbBulkInProcessData---\n");
408
409 skb = pRCB->skb;
410
411 //[31:16]RcvByteCount ( not include 4-byte Status )
412 dwWbkStatus = *( (PDWORD)(skb->data) );
413 FrameSize = (UINT)(dwWbkStatus >> 16);
414 FrameSize += 4;
415
416 if (BytesToIndicate != FrameSize) {
417 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 1 \n");
418 return FALSE;
419 }
420
421 if ((BytesToIndicate > 2372)||(BytesToIndicate <= 40)) {
422 // Frame Size error drop this packet.
423 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---------- WRONG Length 2 \n");
424 return FALSE;
425 }
426
427 pbyDAddress = (PBYTE)(skb->data);
428 pbyRxSts = pbyDAddress+4;
429 pbyRxRate = pbyDAddress+5;
430
431 //real Frame Size = USBFrameSize -4WbkStatus - 4RxStatus - 8TSF - 4RSR - 4SQ3 - ?Padding
432 //if SQ3 the range is 24~27, if no SQ3 the range is 20~23
433 //real Frame size in PLCPLength field.
434 pwPLCP_Length = (PWORD) (pbyDAddress + 6);
435 //Fix hardware bug => PLCP_Length error
436 if ( ((BytesToIndicate - (*pwPLCP_Length)) > 27) ||
437 ((BytesToIndicate - (*pwPLCP_Length)) < 24) ||
438 (BytesToIndicate < (*pwPLCP_Length)) ) {
439
440 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Wrong PLCP Length %x\n", (int) *pwPLCP_Length);
441 ASSERT(0);
442 return FALSE;
443 }
444 for ( ii=RATE_1M;ii<MAX_RATE;ii++) {
445 if ( *pbyRxRate == abyVaildRate[ii] ) {
446 break;
447 }
448 }
449 if ( ii==MAX_RATE ) {
450 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Wrong RxRate %x\n",(int) *pbyRxRate);
451 return FALSE;
452 }
453
454 wPLCPwithPadding = ( (*pwPLCP_Length / 4) + ( (*pwPLCP_Length % 4) ? 1:0 ) ) *4;
455
456 pqwTSFTime = (PQWORD) (pbyDAddress + 8 + wPLCPwithPadding);
457 #ifdef Calcu_LinkQual
458 if(pDevice->byBBType == BB_TYPE_11G) {
459 pby3SQ = pbyDAddress + 8 + wPLCPwithPadding + 12;
460 pbySQ = pby3SQ;
461 }
462 else {
463 pbySQ = pbyDAddress + 8 + wPLCPwithPadding + 8;
464 pby3SQ = pbySQ;
465 }
466 #else
467 pbySQ = pbyDAddress + 8 + wPLCPwithPadding + 8;
468 #endif
469 pbyNewRsr = pbyDAddress + 8 + wPLCPwithPadding + 9;
470 pbyRSSI = pbyDAddress + 8 + wPLCPwithPadding + 10;
471 pbyRsr = pbyDAddress + 8 + wPLCPwithPadding + 11;
472
473 FrameSize = *pwPLCP_Length;
474
475 pbyFrame = pbyDAddress + 8;
476 // update receive statistic counter
477
478 STAvUpdateRDStatCounter(&pDevice->scStatistic,
479 *pbyRsr,
480 *pbyNewRsr,
481 *pbyRxSts,
482 *pbyRxRate,
483 pbyFrame,
484 FrameSize
485 );
486
487
488 pMACHeader = (PS802_11Header) pbyFrame;
489
490 //mike add: to judge if current AP is activated?
491 if ((pMgmt->eCurrMode == WMAC_MODE_STANDBY) ||
492 (pMgmt->eCurrMode == WMAC_MODE_ESS_STA)) {
493 if (pMgmt->sNodeDBTable[0].bActive) {
494 if(IS_ETH_ADDRESS_EQUAL (pMgmt->abyCurrBSSID, pMACHeader->abyAddr2) ) {
495 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0)
496 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
497 }
498 }
499 }
500
501 if (!IS_MULTICAST_ADDRESS(pMACHeader->abyAddr1) && !IS_BROADCAST_ADDRESS(pMACHeader->abyAddr1)) {
502 if ( WCTLbIsDuplicate(&(pDevice->sDupRxCache), (PS802_11Header) pbyFrame) ) {
503 pDevice->s802_11Counter.FrameDuplicateCount++;
504 return FALSE;
505 }
506
507 if ( !IS_ETH_ADDRESS_EQUAL (pDevice->abyCurrentNetAddr, pMACHeader->abyAddr1) ) {
508 return FALSE;
509 }
510 }
511
512
513 // Use for TKIP MIC
514 s_vGetDASA(pbyFrame, &cbHeaderSize, &pDevice->sRxEthHeader);
515
516 if (IS_ETH_ADDRESS_EQUAL((PBYTE)&(pDevice->sRxEthHeader.abySrcAddr[0]), pDevice->abyCurrentNetAddr))
517 return FALSE;
518
519 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) || (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA)) {
520 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
521 p802_11Header = (PS802_11Header) (pbyFrame);
522 // get SA NodeIndex
523 if (BSSbIsSTAInNodeDB(pDevice, (PBYTE)(p802_11Header->abyAddr2), &iSANodeIndex)) {
524 pMgmt->sNodeDBTable[iSANodeIndex].ulLastRxJiffer = jiffies;
525 pMgmt->sNodeDBTable[iSANodeIndex].uInActiveCount = 0;
526 }
527 }
528 }
529
530 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
531 if (s_bAPModeRxCtl(pDevice, pbyFrame, iSANodeIndex) == TRUE) {
532 return FALSE;
533 }
534 }
535
536
537 if (IS_FC_WEP(pbyFrame)) {
538 BOOL bRxDecryOK = FALSE;
539
540 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"rx WEP pkt\n");
541 bIsWEP = TRUE;
542 if ((pDevice->bEnableHostWEP) && (iSANodeIndex >= 0)) {
543 pKey = &STempKey;
544 pKey->byCipherSuite = pMgmt->sNodeDBTable[iSANodeIndex].byCipherSuite;
545 pKey->dwKeyIndex = pMgmt->sNodeDBTable[iSANodeIndex].dwKeyIndex;
546 pKey->uKeyLength = pMgmt->sNodeDBTable[iSANodeIndex].uWepKeyLength;
547 pKey->dwTSC47_16 = pMgmt->sNodeDBTable[iSANodeIndex].dwTSC47_16;
548 pKey->wTSC15_0 = pMgmt->sNodeDBTable[iSANodeIndex].wTSC15_0;
549 memcpy(pKey->abyKey,
550 &pMgmt->sNodeDBTable[iSANodeIndex].abyWepKey[0],
551 pKey->uKeyLength
552 );
553
554 bRxDecryOK = s_bHostWepRxEncryption(pDevice,
555 pbyFrame,
556 FrameSize,
557 pbyRsr,
558 pMgmt->sNodeDBTable[iSANodeIndex].bOnFly,
559 pKey,
560 pbyNewRsr,
561 &bExtIV,
562 &wRxTSC15_0,
563 &dwRxTSC47_16);
564 } else {
565 bRxDecryOK = s_bHandleRxEncryption(pDevice,
566 pbyFrame,
567 FrameSize,
568 pbyRsr,
569 pbyNewRsr,
570 &pKey,
571 &bExtIV,
572 &wRxTSC15_0,
573 &dwRxTSC47_16);
574 }
575
576 if (bRxDecryOK) {
577 if ((*pbyNewRsr & NEWRSR_DECRYPTOK) == 0) {
578 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV Fail\n");
579 if ( (pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
580 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
581 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
582 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
583 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
584
585 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
586 pDevice->s802_11Counter.TKIPICVErrors++;
587 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP)) {
588 pDevice->s802_11Counter.CCMPDecryptErrors++;
589 } else if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_WEP)) {
590 // pDevice->s802_11Counter.WEPICVErrorCount.QuadPart++;
591 }
592 }
593 return FALSE;
594 }
595 } else {
596 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"WEP Func Fail\n");
597 return FALSE;
598 }
599 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_CCMP))
600 FrameSize -= 8; // Message Integrity Code
601 else
602 FrameSize -= 4; // 4 is ICV
603 }
604
605
606 //
607 // RX OK
608 //
609 //remove the CRC length
610 FrameSize -= U_CRC_LEN;
611
612 if ((BITbIsAllBitsOff(*pbyRsr, (RSR_ADDRBROAD | RSR_ADDRMULTI))) && // unicast address
613 (IS_FRAGMENT_PKT((pbyFrame)))
614 ) {
615 // defragment
616 bDeFragRx = WCTLbHandleFragment(pDevice, (PS802_11Header) (pbyFrame), FrameSize, bIsWEP, bExtIV);
617 pDevice->s802_11Counter.ReceivedFragmentCount++;
618 if (bDeFragRx) {
619 // defrag complete
620 // TODO skb, pbyFrame
621 skb = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].skb;
622 FrameSize = pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx].cbFrameLength;
623 pbyFrame = skb->data + 8;
624 }
625 else {
626 return FALSE;
627 }
628 }
629
630 //
631 // Management & Control frame Handle
632 //
633 if ((IS_TYPE_DATA((pbyFrame))) == FALSE) {
634 // Handle Control & Manage Frame
635
636 if (IS_TYPE_MGMT((pbyFrame))) {
637 PBYTE pbyData1;
638 PBYTE pbyData2;
639
640 pRxPacket = &(pRCB->sMngPacket);
641 pRxPacket->p80211Header = (PUWLAN_80211HDR)(pbyFrame);
642 pRxPacket->cbMPDULen = FrameSize;
643 pRxPacket->uRSSI = *pbyRSSI;
644 pRxPacket->bySQ = *pbySQ;
645 HIDWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(HIDWORD(*pqwTSFTime));
646 LODWORD(pRxPacket->qwLocalTSF) = cpu_to_le32(LODWORD(*pqwTSFTime));
647 if (bIsWEP) {
648 // strip IV
649 pbyData1 = WLAN_HDR_A3_DATA_PTR(pbyFrame);
650 pbyData2 = WLAN_HDR_A3_DATA_PTR(pbyFrame) + 4;
651 for (ii = 0; ii < (FrameSize - 4); ii++) {
652 *pbyData1 = *pbyData2;
653 pbyData1++;
654 pbyData2++;
655 }
656 }
657
658 pRxPacket->byRxRate = s_byGetRateIdx(*pbyRxRate);
659
660 if ( *pbyRxSts == 0 ) {
661 //Discard beacon packet which channel is 0
662 if ( (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) == WLAN_FSTYPE_BEACON) ||
663 (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) == WLAN_FSTYPE_PROBERESP) ) {
664 return TRUE;
665 }
666 }
667 pRxPacket->byRxChannel = (*pbyRxSts) >> 2;
668
669 // hostap Deamon handle 802.11 management
670 if (pDevice->bEnableHostapd) {
671 skb->dev = pDevice->apdev;
672 //skb->data += 4;
673 //skb->tail += 4;
674 skb->data += 8;
675 skb->tail += 8;
676 skb_put(skb, FrameSize);
677 //2008-4-3 modify by Chester for wpa
678 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
679 skb->mac_header = skb->data;
680 #else
681 skb->mac.raw = skb->data;
682 #endif
683 skb->pkt_type = PACKET_OTHERHOST;
684 skb->protocol = htons(ETH_P_802_2);
685 memset(skb->cb, 0, sizeof(skb->cb));
686 netif_rx(skb);
687 return TRUE;
688 }
689
690 //
691 // Insert the RCB in the Recv Mng list
692 //
693 EnqueueRCB(pDevice->FirstRecvMngList, pDevice->LastRecvMngList, pRCBIndicate);
694 pDevice->NumRecvMngList++;
695 if ( bDeFragRx == FALSE) {
696 pRCB->Ref++;
697 }
698 if (pDevice->bIsRxMngWorkItemQueued == FALSE) {
699 pDevice->bIsRxMngWorkItemQueued = TRUE;
700 tasklet_schedule(&pDevice->RxMngWorkItem);
701 }
702
703 }
704 else {
705 // Control Frame
706 };
707 return FALSE;
708 }
709 else {
710 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
711 //In AP mode, hw only check addr1(BSSID or RA) if equal to local MAC.
712 if (BITbIsBitOff(*pbyRsr, RSR_BSSIDOK)) {
713 if (bDeFragRx) {
714 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
715 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
716 pDevice->dev->name);
717 }
718 }
719 return FALSE;
720 }
721 }
722 else {
723 // discard DATA packet while not associate || BSSID error
724 if ((pDevice->bLinkPass == FALSE) ||
725 BITbIsBitOff(*pbyRsr, RSR_BSSIDOK)) {
726 if (bDeFragRx) {
727 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
728 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
729 pDevice->dev->name);
730 }
731 }
732 return FALSE;
733 }
734 //mike add:station mode check eapol-key challenge--->
735 {
736 BYTE Protocol_Version; //802.1x Authentication
737 BYTE Packet_Type; //802.1x Authentication
738 BYTE Descriptor_type;
739 WORD Key_info;
740 if (bIsWEP)
741 cbIVOffset = 8;
742 else
743 cbIVOffset = 0;
744 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
745 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
746 Protocol_Version = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1];
747 Packet_Type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1];
748 if (wEtherType == ETH_P_PAE) { //Protocol Type in LLC-Header
749 if(((Protocol_Version==1) ||(Protocol_Version==2)) &&
750 (Packet_Type==3)) { //802.1x OR eapol-key challenge frame receive
751 bRxeapol_key = TRUE;
752 Descriptor_type = skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2];
753 Key_info = (skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2+1]<<8) |skb->data[cbIVOffset + 8 + 24 + 6 + 1 +1+1+1+2+2] ;
754 if(Descriptor_type==2) { //RSN
755 // printk("WPA2_Rx_eapol-key_info<-----:%x\n",Key_info);
756 }
757 else if(Descriptor_type==254) {
758 // printk("WPA_Rx_eapol-key_info<-----:%x\n",Key_info);
759 }
760 }
761 }
762 }
763 //mike add:station mode check eapol-key challenge<---
764 }
765 }
766
767
768 // Data frame Handle
769
770
771 if (pDevice->bEnablePSMode) {
772 if (IS_FC_MOREDATA((pbyFrame))) {
773 if (BITbIsBitOn(*pbyRsr, RSR_ADDROK)) {
774 //PSbSendPSPOLL((PSDevice)pDevice);
775 }
776 }
777 else {
778 if (pMgmt->bInTIMWake == TRUE) {
779 pMgmt->bInTIMWake = FALSE;
780 }
781 }
782 };
783
784 // Now it only supports 802.11g Infrastructure Mode, and support rate must up to 54 Mbps
785 if (pDevice->bDiversityEnable && (FrameSize>50) &&
786 (pDevice->eOPMode == OP_MODE_INFRASTRUCTURE) &&
787 (pDevice->bLinkPass == TRUE)) {
788 BBvAntennaDiversity(pDevice, s_byGetRateIdx(*pbyRxRate), 0);
789 }
790
791 // ++++++++ For BaseBand Algorithm +++++++++++++++
792 pDevice->uCurrRSSI = *pbyRSSI;
793 pDevice->byCurrSQ = *pbySQ;
794
795 // todo
796 /*
797 if ((*pbyRSSI != 0) &&
798 (pMgmt->pCurrBSS!=NULL)) {
799 RFvRSSITodBm(pDevice, *pbyRSSI, &ldBm);
800 // Moniter if RSSI is too strong.
801 pMgmt->pCurrBSS->byRSSIStatCnt++;
802 pMgmt->pCurrBSS->byRSSIStatCnt %= RSSI_STAT_COUNT;
803 pMgmt->pCurrBSS->ldBmAverage[pMgmt->pCurrBSS->byRSSIStatCnt] = ldBm;
804 for(ii=0;ii<RSSI_STAT_COUNT;ii++) {
805 if (pMgmt->pCurrBSS->ldBmAverage[ii] != 0) {
806 pMgmt->pCurrBSS->ldBmMAX = max(pMgmt->pCurrBSS->ldBmAverage[ii], ldBm);
807 }
808 }
809 }
810 */
811
812
813 // -----------------------------------------------
814
815 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnable8021x == TRUE)){
816 BYTE abyMacHdr[24];
817
818 // Only 802.1x packet incoming allowed
819 if (bIsWEP)
820 cbIVOffset = 8;
821 else
822 cbIVOffset = 0;
823 wEtherType = (skb->data[cbIVOffset + 8 + 24 + 6] << 8) |
824 skb->data[cbIVOffset + 8 + 24 + 6 + 1];
825
826 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"wEtherType = %04x \n", wEtherType);
827 if (wEtherType == ETH_P_PAE) {
828 skb->dev = pDevice->apdev;
829
830 if (bIsWEP == TRUE) {
831 // strip IV header(8)
832 memcpy(&abyMacHdr[0], (skb->data + 8), 24);
833 memcpy((skb->data + 8 + cbIVOffset), &abyMacHdr[0], 24);
834 }
835
836 skb->data += (cbIVOffset + 8);
837 skb->tail += (cbIVOffset + 8);
838 skb_put(skb, FrameSize);
839 //2008-4-3 modify by Chester for wpa
840 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
841 skb->mac_header = skb->data;
842 #else
843 skb->mac.raw = skb->data;
844 #endif
845 skb->pkt_type = PACKET_OTHERHOST;
846 skb->protocol = htons(ETH_P_802_2);
847 memset(skb->cb, 0, sizeof(skb->cb));
848 netif_rx(skb);
849 return TRUE;
850
851 }
852 // check if 802.1x authorized
853 if (!(pMgmt->sNodeDBTable[iSANodeIndex].dwFlags & WLAN_STA_AUTHORIZED))
854 return FALSE;
855 }
856
857
858 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
859 if (bIsWEP) {
860 FrameSize -= 8; //MIC
861 }
862 }
863
864 //--------------------------------------------------------------------------------
865 // Soft MIC
866 if ((pKey != NULL) && (pKey->byCipherSuite == KEY_CTL_TKIP)) {
867 if (bIsWEP) {
868 PDWORD pdwMIC_L;
869 PDWORD pdwMIC_R;
870 DWORD dwMIC_Priority;
871 DWORD dwMICKey0 = 0, dwMICKey1 = 0;
872 DWORD dwLocalMIC_L = 0;
873 DWORD dwLocalMIC_R = 0;
874 viawget_wpa_header *wpahdr;
875
876
877 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
878 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
879 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
880 }
881 else {
882 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
883 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
884 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
885 } else if ((pKey->dwKeyIndex & BIT28) == 0) {
886 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[16]));
887 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[20]));
888 } else {
889 dwMICKey0 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[24]));
890 dwMICKey1 = cpu_to_le32(*(PDWORD)(&pKey->abyKey[28]));
891 }
892 }
893
894 MIC_vInit(dwMICKey0, dwMICKey1);
895 MIC_vAppend((PBYTE)&(pDevice->sRxEthHeader.abyDstAddr[0]), 12);
896 dwMIC_Priority = 0;
897 MIC_vAppend((PBYTE)&dwMIC_Priority, 4);
898 // 4 is Rcv buffer header, 24 is MAC Header, and 8 is IV and Ext IV.
899 MIC_vAppend((PBYTE)(skb->data + 8 + WLAN_HDR_ADDR3_LEN + 8),
900 FrameSize - WLAN_HDR_ADDR3_LEN - 8);
901 MIC_vGetMIC(&dwLocalMIC_L, &dwLocalMIC_R);
902 MIC_vUnInit();
903
904 pdwMIC_L = (PDWORD)(skb->data + 8 + FrameSize);
905 pdwMIC_R = (PDWORD)(skb->data + 8 + FrameSize + 4);
906
907
908 if ((cpu_to_le32(*pdwMIC_L) != dwLocalMIC_L) || (cpu_to_le32(*pdwMIC_R) != dwLocalMIC_R) ||
909 (pDevice->bRxMICFail == TRUE)) {
910 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"MIC comparison is fail!\n");
911 pDevice->bRxMICFail = FALSE;
912 //pDevice->s802_11Counter.TKIPLocalMICFailures.QuadPart++;
913 pDevice->s802_11Counter.TKIPLocalMICFailures++;
914 if (bDeFragRx) {
915 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
916 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
917 pDevice->dev->name);
918 }
919 }
920 //2008-0409-07, <Add> by Einsn Liu
921 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
922 //send event to wpa_supplicant
923 //if(pDevice->bWPASuppWextEnabled == TRUE)
924 {
925 union iwreq_data wrqu;
926 struct iw_michaelmicfailure ev;
927 int keyidx = pbyFrame[cbHeaderSize+3] >> 6; //top two-bits
928 memset(&ev, 0, sizeof(ev));
929 ev.flags = keyidx & IW_MICFAILURE_KEY_ID;
930 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
931 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
932 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
933 ev.flags |= IW_MICFAILURE_PAIRWISE;
934 } else {
935 ev.flags |= IW_MICFAILURE_GROUP;
936 }
937
938 ev.src_addr.sa_family = ARPHRD_ETHER;
939 memcpy(ev.src_addr.sa_data, pMACHeader->abyAddr2, ETH_ALEN);
940 memset(&wrqu, 0, sizeof(wrqu));
941 wrqu.data.length = sizeof(ev);
942 PRINT_K("wireless_send_event--->IWEVMICHAELMICFAILURE\n");
943 wireless_send_event(pDevice->dev, IWEVMICHAELMICFAILURE, &wrqu, (char *)&ev);
944
945 }
946 #endif
947
948
949 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
950 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
951 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
952 (pMgmt->eCurrState == WMAC_STATE_ASSOC) &&
953 (*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) {
954 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_PAIRWISE_ERROR;
955 wpahdr->type = VIAWGET_PTK_MIC_MSG;
956 } else {
957 //s802_11_Status.Flags = NDIS_802_11_AUTH_REQUEST_GROUP_ERROR;
958 wpahdr->type = VIAWGET_GTK_MIC_MSG;
959 }
960 wpahdr->resp_ie_len = 0;
961 wpahdr->req_ie_len = 0;
962 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
963 pDevice->skb->dev = pDevice->wpadev;
964 //2008-4-3 modify by Chester for wpa
965 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
966 pDevice->skb->mac_header = pDevice->skb->data;
967 #else
968 pDevice->skb->mac.raw = pDevice->skb->data;
969 #endif
970 pDevice->skb->pkt_type = PACKET_HOST;
971 pDevice->skb->protocol = htons(ETH_P_802_2);
972 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
973 netif_rx(pDevice->skb);
974 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
975 };
976
977 return FALSE;
978
979 }
980 }
981 } //---end of SOFT MIC-----------------------------------------------------------------------
982
983 // ++++++++++ Reply Counter Check +++++++++++++
984
985 if ((pKey != NULL) && ((pKey->byCipherSuite == KEY_CTL_TKIP) ||
986 (pKey->byCipherSuite == KEY_CTL_CCMP))) {
987 if (bIsWEP) {
988 WORD wLocalTSC15_0 = 0;
989 DWORD dwLocalTSC47_16 = 0;
990 ULONGLONG RSC = 0;
991 // endian issues
992 RSC = *((ULONGLONG *) &(pKey->KeyRSC));
993 wLocalTSC15_0 = (WORD) RSC;
994 dwLocalTSC47_16 = (DWORD) (RSC>>16);
995
996 RSC = dwRxTSC47_16;
997 RSC <<= 16;
998 RSC += wRxTSC15_0;
999 MEMvCopy(&(pKey->KeyRSC), &RSC, sizeof(QWORD));
1000
1001 if ( (pDevice->sMgmtObj.eCurrMode == WMAC_MODE_ESS_STA) &&
1002 (pDevice->sMgmtObj.eCurrState == WMAC_STATE_ASSOC)) {
1003 // check RSC
1004 if ( (wRxTSC15_0 < wLocalTSC15_0) &&
1005 (dwRxTSC47_16 <= dwLocalTSC47_16) &&
1006 !((dwRxTSC47_16 == 0) && (dwLocalTSC47_16 == 0xFFFFFFFF))) {
1007 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC is illegal~~!\n ");
1008 if (pKey->byCipherSuite == KEY_CTL_TKIP)
1009 //pDevice->s802_11Counter.TKIPReplays.QuadPart++;
1010 pDevice->s802_11Counter.TKIPReplays++;
1011 else
1012 //pDevice->s802_11Counter.CCMPReplays.QuadPart++;
1013 pDevice->s802_11Counter.CCMPReplays++;
1014
1015 if (bDeFragRx) {
1016 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1017 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1018 pDevice->dev->name);
1019 }
1020 }
1021 return FALSE;
1022 }
1023 }
1024 }
1025 } // ----- End of Reply Counter Check --------------------------
1026
1027
1028 s_vProcessRxMACHeader(pDevice, (PBYTE)(skb->data+8), FrameSize, bIsWEP, bExtIV, &cbHeaderOffset);
1029 FrameSize -= cbHeaderOffset;
1030 cbHeaderOffset += 8; // 8 is Rcv buffer header
1031
1032 // Null data, framesize = 12
1033 if (FrameSize < 12)
1034 return FALSE;
1035
1036 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
1037 if (s_bAPModeRxData(pDevice,
1038 skb,
1039 FrameSize,
1040 cbHeaderOffset,
1041 iSANodeIndex,
1042 iDANodeIndex
1043 ) == FALSE) {
1044
1045 if (bDeFragRx) {
1046 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1047 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1048 pDevice->dev->name);
1049 }
1050 }
1051 return FALSE;
1052 }
1053
1054 }
1055
1056 skb->data += cbHeaderOffset;
1057 skb->tail += cbHeaderOffset;
1058 skb_put(skb, FrameSize);
1059 skb->protocol=eth_type_trans(skb, skb->dev);
1060 skb->ip_summed=CHECKSUM_NONE;
1061 pStats->rx_bytes +=skb->len;
1062 pStats->rx_packets++;
1063 netif_rx(skb);
1064 if (bDeFragRx) {
1065 if (!device_alloc_frag_buf(pDevice, &pDevice->sRxDFCB[pDevice->uCurrentDFCBIdx])) {
1066 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR "%s: can not alloc more frag bufs\n",
1067 pDevice->dev->name);
1068 }
1069 return FALSE;
1070 }
1071
1072 return TRUE;
1073 }
1074
1075
1076 static BOOL s_bAPModeRxCtl (
1077 IN PSDevice pDevice,
1078 IN PBYTE pbyFrame,
1079 IN INT iSANodeIndex
1080 )
1081 {
1082 PS802_11Header p802_11Header;
1083 CMD_STATUS Status;
1084 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1085
1086
1087 if (IS_CTL_PSPOLL(pbyFrame) || !IS_TYPE_CONTROL(pbyFrame)) {
1088
1089 p802_11Header = (PS802_11Header) (pbyFrame);
1090 if (!IS_TYPE_MGMT(pbyFrame)) {
1091
1092 // Data & PS-Poll packet
1093 // check frame class
1094 if (iSANodeIndex > 0) {
1095 // frame class 3 fliter & checking
1096 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_AUTH) {
1097 // send deauth notification
1098 // reason = (6) class 2 received from nonauth sta
1099 vMgrDeAuthenBeginSta(pDevice,
1100 pMgmt,
1101 (PBYTE)(p802_11Header->abyAddr2),
1102 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1103 &Status
1104 );
1105 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 1\n");
1106 return TRUE;
1107 };
1108 if (pMgmt->sNodeDBTable[iSANodeIndex].eNodeState < NODE_ASSOC) {
1109 // send deassoc notification
1110 // reason = (7) class 3 received from nonassoc sta
1111 vMgrDisassocBeginSta(pDevice,
1112 pMgmt,
1113 (PBYTE)(p802_11Header->abyAddr2),
1114 (WLAN_MGMT_REASON_CLASS3_NONASSOC),
1115 &Status
1116 );
1117 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDisassocBeginSta 2\n");
1118 return TRUE;
1119 };
1120
1121 if (pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable) {
1122 // delcare received ps-poll event
1123 if (IS_CTL_PSPOLL(pbyFrame)) {
1124 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1125 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1126 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 1\n");
1127 }
1128 else {
1129 // check Data PS state
1130 // if PW bit off, send out all PS bufferring packets.
1131 if (!IS_FC_POWERMGT(pbyFrame)) {
1132 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1133 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1134 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1135 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 2\n");
1136 }
1137 }
1138 }
1139 else {
1140 if (IS_FC_POWERMGT(pbyFrame)) {
1141 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = TRUE;
1142 // Once if STA in PS state, enable multicast bufferring
1143 pMgmt->sNodeDBTable[0].bPSEnable = TRUE;
1144 }
1145 else {
1146 // clear all pending PS frame.
1147 if (pMgmt->sNodeDBTable[iSANodeIndex].wEnQueueCnt > 0) {
1148 pMgmt->sNodeDBTable[iSANodeIndex].bPSEnable = FALSE;
1149 pMgmt->sNodeDBTable[iSANodeIndex].bRxPSPoll = TRUE;
1150 bScheduleCommand((HANDLE)pDevice, WLAN_CMD_RX_PSPOLL, NULL);
1151 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: WLAN_CMD_RX_PSPOLL 3\n");
1152
1153 }
1154 }
1155 }
1156 }
1157 else {
1158 vMgrDeAuthenBeginSta(pDevice,
1159 pMgmt,
1160 (PBYTE)(p802_11Header->abyAddr2),
1161 (WLAN_MGMT_REASON_CLASS2_NONAUTH),
1162 &Status
1163 );
1164 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: send vMgrDeAuthenBeginSta 3\n");
1165 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BSSID:%02x-%02x-%02x=%02x-%02x-%02x \n",
1166 p802_11Header->abyAddr3[0],
1167 p802_11Header->abyAddr3[1],
1168 p802_11Header->abyAddr3[2],
1169 p802_11Header->abyAddr3[3],
1170 p802_11Header->abyAddr3[4],
1171 p802_11Header->abyAddr3[5]
1172 );
1173 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR2:%02x-%02x-%02x=%02x-%02x-%02x \n",
1174 p802_11Header->abyAddr2[0],
1175 p802_11Header->abyAddr2[1],
1176 p802_11Header->abyAddr2[2],
1177 p802_11Header->abyAddr2[3],
1178 p802_11Header->abyAddr2[4],
1179 p802_11Header->abyAddr2[5]
1180 );
1181 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ADDR1:%02x-%02x-%02x=%02x-%02x-%02x \n",
1182 p802_11Header->abyAddr1[0],
1183 p802_11Header->abyAddr1[1],
1184 p802_11Header->abyAddr1[2],
1185 p802_11Header->abyAddr1[3],
1186 p802_11Header->abyAddr1[4],
1187 p802_11Header->abyAddr1[5]
1188 );
1189 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "dpc: wFrameCtl= %x\n", p802_11Header->wFrameCtl );
1190 return TRUE;
1191 }
1192 }
1193 }
1194 return FALSE;
1195
1196 }
1197
1198 static BOOL s_bHandleRxEncryption (
1199 IN PSDevice pDevice,
1200 IN PBYTE pbyFrame,
1201 IN UINT FrameSize,
1202 IN PBYTE pbyRsr,
1203 OUT PBYTE pbyNewRsr,
1204 OUT PSKeyItem *pKeyOut,
1205 OUT PBOOL pbExtIV,
1206 OUT PWORD pwRxTSC15_0,
1207 OUT PDWORD pdwRxTSC47_16
1208 )
1209 {
1210 UINT PayloadLen = FrameSize;
1211 PBYTE pbyIV;
1212 BYTE byKeyIdx;
1213 PSKeyItem pKey = NULL;
1214 BYTE byDecMode = KEY_CTL_WEP;
1215 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1216
1217
1218 *pwRxTSC15_0 = 0;
1219 *pdwRxTSC47_16 = 0;
1220
1221 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1222 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1223 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1224 pbyIV += 6; // 6 is 802.11 address4
1225 PayloadLen -= 6;
1226 }
1227 byKeyIdx = (*(pbyIV+3) & 0xc0);
1228 byKeyIdx >>= 6;
1229 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1230
1231 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
1232 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
1233 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) ||
1234 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
1235 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) {
1236 if (((*pbyRsr & (RSR_ADDRBROAD | RSR_ADDRMULTI)) == 0) &&
1237 (pMgmt->byCSSPK != KEY_CTL_NONE)) {
1238 // unicast pkt use pairwise key
1239 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt\n");
1240 if (KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, 0xFFFFFFFF, &pKey) == TRUE) {
1241 if (pMgmt->byCSSPK == KEY_CTL_TKIP)
1242 byDecMode = KEY_CTL_TKIP;
1243 else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
1244 byDecMode = KEY_CTL_CCMP;
1245 }
1246 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"unicast pkt: %d, %p\n", byDecMode, pKey);
1247 } else {
1248 // use group key
1249 KeybGetKey(&(pDevice->sKey), pDevice->abyBSSID, byKeyIdx, &pKey);
1250 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1251 byDecMode = KEY_CTL_TKIP;
1252 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1253 byDecMode = KEY_CTL_CCMP;
1254 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"group pkt: %d, %d, %p\n", byKeyIdx, byDecMode, pKey);
1255 }
1256 }
1257 // our WEP only support Default Key
1258 if (pKey == NULL) {
1259 // use default group key
1260 KeybGetKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, byKeyIdx, &pKey);
1261 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1262 byDecMode = KEY_CTL_TKIP;
1263 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1264 byDecMode = KEY_CTL_CCMP;
1265 }
1266 *pKeyOut = pKey;
1267
1268 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pMgmt->byCSSPK, pMgmt->byCSSGK, byDecMode);
1269
1270 if (pKey == NULL) {
1271 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"pKey == NULL\n");
1272 if (byDecMode == KEY_CTL_WEP) {
1273 // pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1274 } else if (pDevice->bLinkPass == TRUE) {
1275 // pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1276 }
1277 return FALSE;
1278 }
1279 if (byDecMode != pKey->byCipherSuite) {
1280 if (byDecMode == KEY_CTL_WEP) {
1281 // pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1282 } else if (pDevice->bLinkPass == TRUE) {
1283 // pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1284 }
1285 *pKeyOut = NULL;
1286 return FALSE;
1287 }
1288 if (byDecMode == KEY_CTL_WEP) {
1289 // handle WEP
1290 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1291 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE)) {
1292 // Software WEP
1293 // 1. 3253A
1294 // 2. WEP 256
1295
1296 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
1297 MEMvCopy(pDevice->abyPRNG, pbyIV, 3);
1298 MEMvCopy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
1299 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1300 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1301
1302 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1303 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1304 }
1305 }
1306 } else if ((byDecMode == KEY_CTL_TKIP) ||
1307 (byDecMode == KEY_CTL_CCMP)) {
1308 // TKIP/AES
1309
1310 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1311 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1312 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1313 if (byDecMode == KEY_CTL_TKIP) {
1314 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1315 } else {
1316 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1317 }
1318 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1319
1320 if ((byDecMode == KEY_CTL_TKIP) &&
1321 (pDevice->byLocalID <= REV_ID_VT3253_A1)) {
1322 // Software TKIP
1323 // 1. 3253 A
1324 PS802_11Header pMACHeader = (PS802_11Header) (pbyFrame);
1325 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1326 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1327 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1328 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1329 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1330 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1331 } else {
1332 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1333 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1334 }
1335 }
1336 }// end of TKIP/AES
1337
1338 if ((*(pbyIV+3) & 0x20) != 0)
1339 *pbExtIV = TRUE;
1340 return TRUE;
1341 }
1342
1343
1344 static BOOL s_bHostWepRxEncryption (
1345 IN PSDevice pDevice,
1346 IN PBYTE pbyFrame,
1347 IN UINT FrameSize,
1348 IN PBYTE pbyRsr,
1349 IN BOOL bOnFly,
1350 IN PSKeyItem pKey,
1351 OUT PBYTE pbyNewRsr,
1352 OUT PBOOL pbExtIV,
1353 OUT PWORD pwRxTSC15_0,
1354 OUT PDWORD pdwRxTSC47_16
1355 )
1356 {
1357 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1358 UINT PayloadLen = FrameSize;
1359 PBYTE pbyIV;
1360 BYTE byKeyIdx;
1361 BYTE byDecMode = KEY_CTL_WEP;
1362 PS802_11Header pMACHeader;
1363
1364
1365
1366 *pwRxTSC15_0 = 0;
1367 *pdwRxTSC47_16 = 0;
1368
1369 pbyIV = pbyFrame + WLAN_HDR_ADDR3_LEN;
1370 if ( WLAN_GET_FC_TODS(*(PWORD)pbyFrame) &&
1371 WLAN_GET_FC_FROMDS(*(PWORD)pbyFrame) ) {
1372 pbyIV += 6; // 6 is 802.11 address4
1373 PayloadLen -= 6;
1374 }
1375 byKeyIdx = (*(pbyIV+3) & 0xc0);
1376 byKeyIdx >>= 6;
1377 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"\nKeyIdx: %d\n", byKeyIdx);
1378
1379
1380 if (pMgmt->byCSSGK == KEY_CTL_TKIP)
1381 byDecMode = KEY_CTL_TKIP;
1382 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
1383 byDecMode = KEY_CTL_CCMP;
1384
1385 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"AES:%d %d %d\n", pMgmt->byCSSPK, pMgmt->byCSSGK, byDecMode);
1386
1387 if (byDecMode != pKey->byCipherSuite) {
1388 if (byDecMode == KEY_CTL_WEP) {
1389 // pDevice->s802_11Counter.WEPUndecryptableCount.QuadPart++;
1390 } else if (pDevice->bLinkPass == TRUE) {
1391 // pDevice->s802_11Counter.DecryptFailureCount.QuadPart++;
1392 }
1393 return FALSE;
1394 }
1395
1396 if (byDecMode == KEY_CTL_WEP) {
1397 // handle WEP
1398 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"byDecMode == KEY_CTL_WEP \n");
1399 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) ||
1400 (((PSKeyTable)(pKey->pvKeyTable))->bSoftWEP == TRUE) ||
1401 (bOnFly == FALSE)) {
1402 // Software WEP
1403 // 1. 3253A
1404 // 2. WEP 256
1405 // 3. NotOnFly
1406
1407 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 4 + 4); // 24 is 802.11 header,4 is IV, 4 is crc
1408 MEMvCopy(pDevice->abyPRNG, pbyIV, 3);
1409 MEMvCopy(pDevice->abyPRNG + 3, pKey->abyKey, pKey->uKeyLength);
1410 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pKey->uKeyLength + 3);
1411 rc4_encrypt(&pDevice->SBox, pbyIV+4, pbyIV+4, PayloadLen);
1412
1413 if (ETHbIsBufferCrc32Ok(pbyIV+4, PayloadLen)) {
1414 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1415 }
1416 }
1417 } else if ((byDecMode == KEY_CTL_TKIP) ||
1418 (byDecMode == KEY_CTL_CCMP)) {
1419 // TKIP/AES
1420
1421 PayloadLen -= (WLAN_HDR_ADDR3_LEN + 8 + 4); // 24 is 802.11 header, 8 is IV&ExtIV, 4 is crc
1422 *pdwRxTSC47_16 = cpu_to_le32(*(PDWORD)(pbyIV + 4));
1423 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ExtIV: %lx\n",*pdwRxTSC47_16);
1424
1425 if (byDecMode == KEY_CTL_TKIP) {
1426 *pwRxTSC15_0 = cpu_to_le16(MAKEWORD(*(pbyIV+2), *pbyIV));
1427 } else {
1428 *pwRxTSC15_0 = cpu_to_le16(*(PWORD)pbyIV);
1429 }
1430 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"TSC0_15: %x\n", *pwRxTSC15_0);
1431
1432 if (byDecMode == KEY_CTL_TKIP) {
1433
1434 if ((pDevice->byLocalID <= REV_ID_VT3253_A1) || (bOnFly == FALSE)) {
1435 // Software TKIP
1436 // 1. 3253 A
1437 // 2. NotOnFly
1438 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_TKIP \n");
1439 pMACHeader = (PS802_11Header) (pbyFrame);
1440 TKIPvMixKey(pKey->abyKey, pMACHeader->abyAddr2, *pwRxTSC15_0, *pdwRxTSC47_16, pDevice->abyPRNG);
1441 rc4_init(&pDevice->SBox, pDevice->abyPRNG, TKIP_KEY_LEN);
1442 rc4_encrypt(&pDevice->SBox, pbyIV+8, pbyIV+8, PayloadLen);
1443 if (ETHbIsBufferCrc32Ok(pbyIV+8, PayloadLen)) {
1444 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1445 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV OK!\n");
1446 } else {
1447 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"ICV FAIL!!!\n");
1448 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"PayloadLen = %d\n", PayloadLen);
1449 }
1450 }
1451 }
1452
1453 if (byDecMode == KEY_CTL_CCMP) {
1454 if (bOnFly == FALSE) {
1455 // Software CCMP
1456 // NotOnFly
1457 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"soft KEY_CTL_CCMP\n");
1458 if (AESbGenCCMP(pKey->abyKey, pbyFrame, FrameSize)) {
1459 *pbyNewRsr |= NEWRSR_DECRYPTOK;
1460 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC compare OK!\n");
1461 } else {
1462 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"CCMP MIC fail!\n");
1463 }
1464 }
1465 }
1466
1467 }// end of TKIP/AES
1468
1469 if ((*(pbyIV+3) & 0x20) != 0)
1470 *pbExtIV = TRUE;
1471 return TRUE;
1472 }
1473
1474
1475
1476 static BOOL s_bAPModeRxData (
1477 IN PSDevice pDevice,
1478 IN struct sk_buff* skb,
1479 IN UINT FrameSize,
1480 IN UINT cbHeaderOffset,
1481 IN INT iSANodeIndex,
1482 IN INT iDANodeIndex
1483 )
1484
1485 {
1486 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
1487 BOOL bRelayAndForward = FALSE;
1488 BOOL bRelayOnly = FALSE;
1489 BYTE byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
1490 WORD wAID;
1491
1492
1493 struct sk_buff* skbcpy = NULL;
1494
1495 if (FrameSize > CB_MAX_BUF_SIZE)
1496 return FALSE;
1497 // check DA
1498 if(IS_MULTICAST_ADDRESS((PBYTE)(skb->data+cbHeaderOffset))) {
1499 if (pMgmt->sNodeDBTable[0].bPSEnable) {
1500
1501 skbcpy = dev_alloc_skb((int)pDevice->rx_buf_sz);
1502
1503 // if any node in PS mode, buffer packet until DTIM.
1504 if (skbcpy == NULL) {
1505 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "relay multicast no skb available \n");
1506 }
1507 else {
1508 skbcpy->dev = pDevice->dev;
1509 skbcpy->len = FrameSize;
1510 memcpy(skbcpy->data, skb->data+cbHeaderOffset, FrameSize);
1511 skb_queue_tail(&(pMgmt->sNodeDBTable[0].sTxPSQueue), skbcpy);
1512 pMgmt->sNodeDBTable[0].wEnQueueCnt++;
1513 // set tx map
1514 pMgmt->abyPSTxMap[0] |= byMask[0];
1515 }
1516 }
1517 else {
1518 bRelayAndForward = TRUE;
1519 }
1520 }
1521 else {
1522 // check if relay
1523 if (BSSbIsSTAInNodeDB(pDevice, (PBYTE)(skb->data+cbHeaderOffset), &iDANodeIndex)) {
1524 if (pMgmt->sNodeDBTable[iDANodeIndex].eNodeState >= NODE_ASSOC) {
1525 if (pMgmt->sNodeDBTable[iDANodeIndex].bPSEnable) {
1526 // queue this skb until next PS tx, and then release.
1527
1528 skb->data += cbHeaderOffset;
1529 skb->tail += cbHeaderOffset;
1530 skb_put(skb, FrameSize);
1531 skb_queue_tail(&pMgmt->sNodeDBTable[iDANodeIndex].sTxPSQueue, skb);
1532
1533 pMgmt->sNodeDBTable[iDANodeIndex].wEnQueueCnt++;
1534 wAID = pMgmt->sNodeDBTable[iDANodeIndex].wAID;
1535 pMgmt->abyPSTxMap[wAID >> 3] |= byMask[wAID & 7];
1536 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "relay: index= %d, pMgmt->abyPSTxMap[%d]= %d\n",
1537 iDANodeIndex, (wAID >> 3), pMgmt->abyPSTxMap[wAID >> 3]);
1538 return TRUE;
1539 }
1540 else {
1541 bRelayOnly = TRUE;
1542 }
1543 }
1544 };
1545 }
1546
1547 if (bRelayOnly || bRelayAndForward) {
1548 // relay this packet right now
1549 if (bRelayAndForward)
1550 iDANodeIndex = 0;
1551
1552 if ((pDevice->uAssocCount > 1) && (iDANodeIndex >= 0)) {
1553 bRelayPacketSend(pDevice, (PBYTE)(skb->data + cbHeaderOffset), FrameSize, (UINT)iDANodeIndex);
1554 }
1555
1556 if (bRelayOnly)
1557 return FALSE;
1558 }
1559 // none associate, don't forward
1560 if (pDevice->uAssocCount == 0)
1561 return FALSE;
1562
1563 return TRUE;
1564 }
1565
1566
1567
1568
1569 VOID
1570 RXvWorkItem(
1571 PVOID Context
1572 )
1573 {
1574 PSDevice pDevice = (PSDevice) Context;
1575 NTSTATUS ntStatus;
1576 PRCB pRCB=NULL;
1577
1578 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->Rx Polling Thread\n");
1579 spin_lock_irq(&pDevice->lock);
1580 while ( MP_TEST_FLAG(pDevice, fMP_POST_READS) &&
1581 MP_IS_READY(pDevice) &&
1582 (pDevice->NumRecvFreeList != 0) ) {
1583 pRCB = pDevice->FirstRecvFreeList;
1584 pDevice->NumRecvFreeList--;
1585 ASSERT(pRCB);// cannot be NULL
1586 DequeueRCB(pDevice->FirstRecvFreeList, pDevice->LastRecvFreeList);
1587 ntStatus = PIPEnsBulkInUsbRead(pDevice, pRCB);
1588 }
1589 pDevice->bIsRxWorkItemQueued = FALSE;
1590 spin_unlock_irq(&pDevice->lock);
1591
1592 }
1593
1594
1595 VOID
1596 RXvFreeRCB(
1597 IN PRCB pRCB,
1598 IN BOOL bReAllocSkb
1599 )
1600 {
1601 PSDevice pDevice = (PSDevice)pRCB->pDevice;
1602
1603
1604 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->RXvFreeRCB\n");
1605
1606 ASSERT(!pRCB->Ref); // should be 0
1607 ASSERT(pRCB->pDevice); // shouldn't be NULL
1608
1609 if (bReAllocSkb == TRUE) {
1610 pRCB->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1611 // todo error handling
1612 if (pRCB->skb == NULL) {
1613 DBG_PRT(MSG_LEVEL_ERR,KERN_ERR" Failed to re-alloc rx skb\n");
1614 }else {
1615 pRCB->skb->dev = pDevice->dev;
1616 }
1617 }
1618 //
1619 // Insert the RCB back in the Recv free list
1620 //
1621 EnqueueRCB(pDevice->FirstRecvFreeList, pDevice->LastRecvFreeList, pRCB);
1622 pDevice->NumRecvFreeList++;
1623
1624
1625 if (MP_TEST_FLAG(pDevice, fMP_POST_READS) && MP_IS_READY(pDevice) &&
1626 (pDevice->bIsRxWorkItemQueued == FALSE) ) {
1627
1628 pDevice->bIsRxWorkItemQueued = TRUE;
1629 tasklet_schedule(&pDevice->ReadWorkItem);
1630 }
1631 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"<----RXFreeRCB %d %d\n",pDevice->NumRecvFreeList, pDevice->NumRecvMngList);
1632 }
1633
1634
1635 VOID
1636 RXvMngWorkItem(
1637 PVOID Context
1638 )
1639 {
1640 PSDevice pDevice = (PSDevice) Context;
1641 PRCB pRCB=NULL;
1642 PSRxMgmtPacket pRxPacket;
1643 BOOL bReAllocSkb = FALSE;
1644
1645 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"---->Rx Mng Thread\n");
1646
1647 spin_lock_irq(&pDevice->lock);
1648 while (pDevice->NumRecvMngList!=0)
1649 {
1650 pRCB = pDevice->FirstRecvMngList;
1651 pDevice->NumRecvMngList--;
1652 DequeueRCB(pDevice->FirstRecvMngList, pDevice->LastRecvMngList);
1653 if(!pRCB){
1654 break;
1655 }
1656 ASSERT(pRCB);// cannot be NULL
1657 pRxPacket = &(pRCB->sMngPacket);
1658 vMgrRxManagePacket((HANDLE)pDevice, &(pDevice->sMgmtObj), pRxPacket);
1659 pRCB->Ref--;
1660 if(pRCB->Ref == 0) {
1661 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"RxvFreeMng %d %d\n",pDevice->NumRecvFreeList, pDevice->NumRecvMngList);
1662 RXvFreeRCB(pRCB, bReAllocSkb);
1663 } else {
1664 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Rx Mng Only we have the right to free RCB\n");
1665 }
1666 }
1667
1668 pDevice->bIsRxMngWorkItemQueued = FALSE;
1669 spin_unlock_irq(&pDevice->lock);
1670
1671 }
1672
1673
AMDTP streaming driver for the Linux FireWire stack (Juju)